email_verified and is_private_email now returned as boolean by Apple's API? #39

Open
mikebouwmans opened this issue Feb 9, 2024 · 3 comments


@mikebouwmans

Hi,

It looks like there was a possible change in Apple's API. It seems the is_private_email and email_verified fields are now returned as booleans rather than strings. So the code in vendor/azimolabs/apple-sign-in-php-sdk/src/Auth/Factory/AppleJwtStructFactory.php:27 is not right anymore.

See response below: (I var_dumped the $claims variable)

            ["email_verified"]=> bool(true)
            ["auth_time"]=> int(REDACTED)
            ["nonce_supported"]=> bool(true)

Not sure what's the best way to fix this, so submitting an issue. Possibly a boolval() works?

@mikebouwmans mikebouwmans changed the title email_verified and is_private_email now returned as bool by apple? email_verified and is_private_email now returned as boolean by Apple's API? Feb 9, 2024
@hywak
Collaborator

hywak commented Feb 12, 2024

Hey @mikebouwmans,

Thank you for raising the issue!

I've reviewed the code, and the problem is probably in the Lcobucci\JWT\Token library.

There is an e2e test that could be used to verify if your change works correctly. Simply replace the code:

            // For some reason Apple API returns boolean flag as a string
            (string) $claims->get('email_verified', 'false') === 'true',
            // For some reason Apple API returns boolean flag as a string
            (string) $claims->get('is_private_email', 'false') === 'true',

With the:

            $claims->get('email_verified', false),
            $claims->get('is_private_email', false),

And run the test with the valid token.

@mikebouwmans
Author

I've tried using the e2e test but got the following error: Azimo\Apple\Api\Exception\UnsupportedCryptographicAlgorithmException: Cryptographic algorithm `YuyXoY` is not supported.

But that seems unrelated to this issue. I have tried it using a valid token and your suggested change seems to work. Still wondering if Apple's API actually changed. Couldn't find anything online.

@hywak
Collaborator

hywak commented Feb 14, 2024

I can't remember exactly how the app needs to be configured. The list of supported algorithms is taken from the API response [1]. It seems like the app generates a token using the YuyXoY algorithm but Apple doesn't support it anymore.

If your change works and you are able to prove that with an e2e test, create a PR please 🙏🏼
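Added example, not code from this thread or from the SDK: a strict normaliser for the `email_verified` and `is_private_email` claims, assuming they can arrive either as booleans (the var_dump above) or as the strings "true"/"false" (the SDK's existing comment). The helper name `claimToBool` and the sample claim sets are hypothetical; it requires PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not part of the SDK): normalise an identity-token
 * claim that may be a boolean or the string "true"/"false".
 * Any other value is rejected, so an unexpected type fails closed instead
 * of being silently coerced into "verified".
 */
function claimToBool(mixed $value, string $claimName): bool
{
    if (is_bool($value)) {
        return $value;
    }
    if ($value === 'true') {
        return true;
    }
    if ($value === 'false') {
        return false;
    }
    throw new UnexpectedValueException(sprintf(
        'Claim "%s" has unsupported value of type %s',
        $claimName,
        get_debug_type($value)
    ));
}

// Constructed sample claim sets, modelled on the var_dump in this thread.
$samples = [
    'boolean claims' => ['email_verified' => true, 'is_private_email' => false],
    'string claims'  => ['email_verified' => 'true', 'is_private_email' => 'false'],
    'claims absent'  => [],
];

foreach ($samples as $label => $claims) {
    // A missing claim defaults to false, like the default in the snippets above.
    $verified = claimToBool($claims['email_verified'] ?? false, 'email_verified');
    $private  = claimToBool($claims['is_private_email'] ?? false, 'is_private_email');
    printf("%-15s verified=%s private=%s\n", $label,
        var_export($verified, true), var_export($private, true));
}

// Loose coercion is unsafe here: every non-empty string except "0" is truthy
// in PHP, so boolval('false') evaluates to true (unverified read as verified).
var_dump(boolval('false'));
// The old comparison fails the other way: (string) true is "1", not "true",
// so a genuine boolean true is read as "not verified".
var_dump((string) true === 'true');
```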
